what is considered SPAM

What users and mail servers qualify as spam emails in 2021.

Starting from our experience with RealSender,
we have tried to summarize the main points that could affect inbox delivery in 2021.

It is useless to evaluate the other points
if the messages are not expected/desired by their recipients.

USERS reactions

The sender should put himself in the recipient’s shoes, trying to figure out how an email message will be treated.
User complaints can lead to the blacklisting of the entire smtp server or of the domain name, affecting the delivery of all future messages.

  • users generally* can manage their inbox: it is “spam” what every single user considers spam
    * = many freemail providers DO NOT give the option to opt-out of their “internal advertising”
  • the user expresses his choice by clicking the “Report Spam” button (within Gmail)
    or the “Junk” button (within Outlook/Hotmail)
  • the spam filters of modern mail servers are all connected to user complaints, after a certain number of clicks on “Report as Spam”,
    all messages with similar content will be delivered directly to the Spam folder

Basic technical settings are required to get email messages accepted.

IP address and IP class reputation

  • smtp server IP blacklisting, you can find a lot of tools online googling for “blacklist check”
  • smtp server IP class reputation, check our blog article for more information SMTP IP REPUTATION MATTERS
  • if the messages are sent from a personal computer, the reputation of the public IP address of the Internet connection should also be checked
    (some smtp server providers mask the IP address of the internet connection, so that the recipient’s system only sees their IP address)

correct smtp server SETUP

  • reverse DNS
    to make sure the IP address of your mail server points to the domain name that you use for sending mail
  • the mail transfer agent, the application that routes and delivers email,
    should be properly configured, following the latest RFC published by IETF
    see for example: Making Postfix RFC Compliant

proper email AUTHENTICATION

Use email authentication methods, such as SPF and DKIM, to prove that your emails and your domain name belong together.
The nice side-effect is you help in preventing that your email domain is spoofed.

  • SPF, a path-based email authentication protocol that allows email receivers to determine if the sender is authorized to use the domains in the message’s header by evaluating the IP address of the sender’s outbound MTA based on information published by the sender in DNS TXT records. SPF is defined in IETF RFC 4408.
  • DKIM, an email authentication protocol that enables the sender to use public-key cryptography to sign outgoing emails in a manner that can be verified by the receiver. DKIM is defined in IETF RFC 4871. The DKIM standard is adopted by Gmail and other large corporations to completely eliminate phishing and spoofing from internet mail.
  • DMARC, relies on the established SPF and DKIM standards for email authentication. Destination mail servers take action on unauthenticated mail, based on the sender “dmarc policy” and report on the outcome to the sender. DMARC is defined in the Internet Engineering Task Force’s published document RFC 7489.

SPAMASSASSIN check

  • SpamAssassin is a server side software, used for email spam filtering. It uses a variety of spam-detection techniques.
    Each test has a score value. The scores can be positive or negative, with positive values indicating “spam” and negative “ham” (non-spam).
    The default score threshold for the recipient is “5.0”. If an email score lands higher than the threshold, is marked as spam.
    It is so widely used that the score check before sending email messages should be considered mandatory.
  • two online tools can help you to check your SpamAssassin score: isnotspam and mail-tester
    1. you have to send the message to the email address provided
    2. after a few seconds click the “view your report” or the “then check your score” buttons

The only surefire way to see if an email is classified as spam is to…
send it, and see how it shows up on the other side.

TRY and see what happens

  • If you receive a bounced message, this can be of great help, because the last few lines usually describes the problem that caused the rejection.
    If the explanation is incomprehensible, simply try sending a message with subject and content “Test message” and check if it is accepted.
    In this case, you should send the same message several times, reducing the content gradually, until you identify which part activates the spam filter.
  • Having a detailed sending log, can help you to verify if the messages are accepted of rejected
    examples of information available in the log
  • In some (rare) cases a sort of “whitelisting” is required.
    Some spam system learns from what users do with the messages they receive.
    If the individual recipient flags once the received mail as NON spam,
    it will learn that they are valid messages and will begin delivering them in the “Inbox” folder instead of “Junk”.
    Alternatively, the sender must be in the address book of the recipient or have previously exchanged emails with him.